Microsoft Exchange Server Remote Code Execution Vulnerability
References
Link | Resource |
---|---|
http://packetstormsecurity.com/files/161846/Microsoft-Exchange-2019-SSRF-Arbitrary-File-Write.html | Exploit Third Party Advisory VDB Entry |
http://packetstormsecurity.com/files/161938/Microsoft-Exchange-ProxyLogon-Remote-Code-Execution.html | Exploit Third Party Advisory VDB Entry |
http://packetstormsecurity.com/files/162610/Microsoft-Exchange-2019-Unauthenticated-Email-Download.html | Exploit Third Party Advisory VDB Entry |
http://packetstormsecurity.com/files/162736/Microsoft-Exchange-ProxyLogon-Collector.html | Exploit Third Party Advisory VDB Entry |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26855 | Patch Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
29 Dec 2023, 17:16
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 7.5
v3 : 9.1 |
Summary | (en) Microsoft Exchange Server Remote Code Execution Vulnerability |
12 Jul 2022, 17:42
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-918 |
06 May 2022, 20:57
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) http://packetstormsecurity.com/files/162736/Microsoft-Exchange-ProxyLogon-Collector.html - Exploit, Third Party Advisory, VDB Entry |
21 May 2021, 18:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
21 May 2021, 16:52
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) http://packetstormsecurity.com/files/162610/Microsoft-Exchange-2019-Unauthenticated-Email-Download.html - Exploit, Third Party Advisory, VDB Entry | |
References | (MISC) http://packetstormsecurity.com/files/161938/Microsoft-Exchange-ProxyLogon-Remote-Code-Execution.html - Exploit, Third Party Advisory, VDB Entry |
18 May 2021, 18:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
26 Mar 2021, 02:33
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) http://packetstormsecurity.com/files/161938/Microsoft-Exchange-ProxyLogon-Remote-Code-Execution.html - Exploit, Third Party Advisory | |
References | (MISC) http://packetstormsecurity.com/files/161846/Microsoft-Exchange-2019-SSRF-Arbitrary-File-Write.html - Exploit, Third Party Advisory, VDB Entry | |
CPE | cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_9:*:*:*:*:*:* cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_2:*:*:*:*:*:* cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_15:*:*:*:*:*:* cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_3:*:*:*:*:*:* cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_4:*:*:*:*:*:* cpe:2.3:a:microsoft:exchange_server:2013:cumulative_update_21:*:*:*:*:*:* cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_14:*:*:*:*:*:* cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_11:*:*:*:*:*:* cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_6:*:*:*:*:*:* cpe:2.3:a:microsoft:exchange_server:2013:cumulative_update_22:*:*:*:*:*:* cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_8:*:*:*:*:*:* cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_10:*:*:*:*:*:* cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_12:*:*:*:*:*:* cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_16:*:*:*:*:*:* cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_5:*:*:*:*:*:* cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_17:*:*:*:*:*:* cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_13:*:*:*:*:*:* cpe:2.3:a:microsoft:exchange_server:2019:-:*:*:*:*:*:* cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_1:*:*:*:*:*:* |
23 Mar 2021, 19:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
18 Mar 2021, 16:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
09 Mar 2021, 17:58
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26855 - Patch, Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : 7.5
v3 : 9.8 |
CPE | cpe:2.3:a:microsoft:exchange_server:2013:cumulative_update_23:*:*:*:*:*:* cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_7:*:*:*:*:*:* cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_19:*:*:*:*:*:* cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_18:*:*:*:*:*:* cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_8:*:*:*:*:*:* |
|
CWE | NVD-CWE-noinfo |
03 Mar 2021, 00:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-03-03 00:15
Updated : 2024-02-15 20:18
NVD link : CVE-2021-26855
Mitre link : CVE-2021-26855
CVE.ORG link : CVE-2021-26855
JSON object : View
Products Affected
microsoft
- exchange_server
CWE
CWE-918
Server-Side Request Forgery (SSRF)